creating a holistic social responsibility supply chain risk … webinar 16 june.compressed.pdf ·...

1 Copyright © 2014 BSI. All rights reserved.

Creating a Holistic Social Responsibility Supply Chain Risk Management Program Presented by: Courtney Foster Supply Chain Solutions Manager -EMEA


Agenda • Introduction to BSI Supply Chain Solutions • Importance of understanding Social Responsibility risks

• Brand Protection • Customer driven importance

• Review government legislation relevant to Social Responsibility practices • UK Modern Slavery Act • EU Conflict Minerals initiative • Anti-Bribery legistlation

• Understanding a best practice approach to mitigate ethical risks in supply chains • Country risk • Supplier-specific risks • Auditing practices and reporting

22/06/2015


Who is BSI?

22/06/2015


Welcome to BSI – Over 100 Years of Innovation • 1901 - World’s first National Standards Body

• 1947 - Founding member of International Standards Organization (ISO)

• BSI issues over 2,000 standards each year

• Carry out 150,000 assessments each year in over 160 countries

BSI Supply Chain Solutions • Over 20 years experience assessing global supply chain threats

• Provider of Supply Chain Intelligence to global government and to commercial clients

• Proprietary Risk Modelling relating to supplier compliance and assessment management

• On-site Auditing in 150+ countries annually


A truly global brand and network – trusted and recognized

• Clients in 150 countries

• 61 offices worldwide

• 3 regional hubs in UK, US and Hong Kong

• Global key account management

• Facilitating governance, risk & compliance

• Certifying and verifying global suppliers

• Stimulating international trade


Defining Social Responsibility Why is it so important?

22/06/2015


What is Corporate Social Responsibility? United Nations definition: “Corporate Social Responsibility is a management concept whereby companies integrate social and environmental concerns in their business operations and interactions with their stakeholders.” Key CSR issues: environmental management, eco-efficiency, responsible sourcing, stakeholder engagement, labour standards and working conditions, employee and community relations, social equity, gender balance, human rights, good governance, and anti-corruption measures.


Your REPUTATION is your

of Executives say a strong corporate brand is just as important as strong product brand

of a company’s market value is attributable to its brand reputation of consumers avoid buying a product if they don’t like or trust the company behind the product

Source Weber Shandwick 2012The Company behind the Brand: In Reputation We Trust

http://www.google.com/url?sa=i&rct=j&q=Brand+reputation&source=images&cd=&cad=rja&docid=RYLIHlWhlwtONM&tbnid=oDqvdePVrnND6M:&ved=0CAUQjRw&url=http://www.wizseoservicesaustralia.com/reputation-management-australia/&ei=7pi0Uf7wDMnlyAGx3IGIDg&psig=AFQjCNFn8MgBMZiYYCKwM2a72Qi7A2lx7g&ust=1370876494091409


30% said that they expect to increase the amount of goods and services they

buy from socially-responsible companies.

PWC has found that 88% of millennials choose employers based on

strong CSR values, and 86% would consider

leaving if the companies’ CSR values no longer met

their expectations.

CSR is responsible for more than 40% of a company’s

reputation

Source: H&M CSR Report 2013 PWC Whitepaper 2013

Forbes consumer survey 2013

340 million fewer liters of water used

in denim production.

Why is Corporate Social Responsibility Important?


Reputational Risks

Source: Reputation Intelligence Winter 2013

42% of a company’s reputation is driven by perceptions of Citizenship, Governance,

and Workplace.


External Suppliers are a Part of Your Business Take corporate social responsibility policies externally

Many companies implement social responsibility management systems to encourage an ethical workplace at their own internal sites. It is important to then take these ethical practices and push them outwards to your supplier base. Your suppliers are absolutely critical points for your business

22/06/2015

Social Responsibility Policies


• Business Ethics

• Conflict Minerals

• Waste Management

• Environmental, Health and Safety

• Human Rights

• Labour Standards

• Wage Rights

• Working Conditions

CSR Risk Management


Government legislation drivers to assessing Social Responsibility supply chain risks

22/06/2015


European Union – Conflict Minerals Legislation

22/06/2015

European Union’s legislative body has adopted a draft law to ensure conflict minerals are not part of corporations supply chains.

Requirements: • importers must certify their supply chains are free from minerals produced in conflict

zones. • European companies perform due diligence to ensure that any of the four minerals tin,

tantalum, tungsten, or gold used in their products did not contribute to a military conflict.

Next steps: • The legislation will now be negotiated by the European Commission, the EU’s executive

body, before becoming actual law. • It remains to be seen if the Commission will grant its approval for the legislation, as

the body had previously recommended making the certification measures voluntary. Magnitude: • If approved, the law would impact as many as 880,000 companies and about 20 refinery

or “smelting” facilities. • The proposal covers the same minerals as the U.S. Dodd-Frank legislation but applies to

mining operations worldwide, rather than just countries in Central Africa.


Conflict minerals Trade Flows from Central Africa region


UK Modern Slavery Act

22/06/2015

United Kingdom passed into law a monumental progress step towards eradicating slavery and force labour in supply chains.

Requirements: • Commercial organisations must prepare a slavery and human trafficking statement for each financial

year • Statement has to outline steps org has taken to ensure no slavery in supply chain or in any part of

business OR statement has to say that the organisation has taken no steps to ensure a process is in place

Statement can include: • Corporate organisational structure and supply chain • Corporate polices related to human trafficking • Due diligence process related to slavery/human trafficking • Determine the parts of the business where a risk of slavery exists • Steps that make sure these high risk areas have been

assessed and managed that risk • Level of effectiveness of due diligence process to ensure no slavery

• Measured against Key Performance Indicators • Training for staff related to slavery/human trafficking • Must have high level executive staff sign off

Part 6 Section 54 – Transparency in the Supply Chain


Magnitude • Applies to any commercial organisation that provides goods or

services in the UK • There is an annual turnover threshold that is intended to set

which commercial organisations will be required to report • Still not stated what this turnover threshold is

• Statement must be published on corporate website and in a prominent location

Penalties and Repercussions • Duties can be imposed by Secretary of State and bring

organisation to civil proceeding court if failure to comply with legislation

• Corporate brand will be tarnished • Lack of consumer trust

22/06/2015

UK Modern Slavery Act Part 6 Section 54 – Transparency in the Supply Chain


Anti-Bribery Regulatory Requirements

22/06/2015

UK Legislation – Bribery Act 2010 US Legislation – Foreign Corrupt Practices Act – FCPA *Key – applies to all suppliers who do business with UK and US companies

The principal way in which companies can approach bribery risks which could be present in a supply chain is by employing the types of anti-bribery procedures:

• risk-based due diligence • the use of anti-bribery terms and conditions

It is suggested that these processes are used in the relationship with their contractual counterparty (direct supplier), and by requesting that counterparty to adopt a similar approach with the next party in the chain.

Magnitude : Very strict penalties for bribery in the US,

UK and elsewhere – requirements are pushed to

suppliers


Your CEO is at a Shareholder meetings together with

stakeholders, media and NGO’s and is going to be

asked some questions following some recent supply

chain issues which have put a number of

Governance, Risk & Compliance issues under the

spotlight

“Stress Test”


Do you have the answers?

1. How many suppliers do you have?

2. How many are direct vs. indirect?

3. Do you actively verify the living profiles of your suppliers?

4. Have you conducted risk assessments of all your suppliers?

5. How many have you physically visited?

a. What are the issues and where?

b. What improvements have you made?

6. Does your supply chain adhere to your corporate values?

7. Can you tell your supply chain story?


What Does Good Look Like?

21

1. Ensures Corporate values are aligned with Supply Chain, R & D, Procurement, Risk and Compliance. Avoid opposing forces.

2. Keep an active database of living and approved supplier profiles

3. Conducts supplier risk assessments relating to product type, country, private label , critical items, economic or reputational risk issues

4. Categorizes suppliers into risk profiles

5. Allocate your resources, activities to areas of greatest risk

6. Conducts on-site validation of critical or higher risk suppliers to verify profiles and measure if they adhere to corporate values

7. Measures, monitors and improves the performance of suppliers and supports those that adhere to corporate values

Be in a position to articulate, explain and tell your supply chain story:

• What are the issues and where? • Improvements made or plans to be made? • How your supply chain aligns with corporate value?


Managing Corporate Social Responsibility Compliance in Your Supply Chain


• Manual Supplier Self-Assessments

• No Geographic Risk Intelligence


• Supply Chain Geographic Risk Intelligence

• Automated Software for Supplier Self-Assessments

• Supply Chain Geographic Intelligence

• Risk Methodology for On-site Audits

• Corrective And Preventative Action Plans

SUP

PLI

ER P

ERFO

RM

AN

CE

Entry Level Layer

Layer 1

Layer 2

Layer 3

INCREASED SUPPLY CHAIN VISIBILITY AND COMPLIANCE

2014

Progression Towards Maximum Compliance


Entry Level Layer



2014

Entry Level Layer


Objectives and Criteria Goals of Questionnaire • Social Responsibility • Business Continuity • Code of Conduct • Quality

Questionnaire Functionality Needs • Attachments needed? • Additional supporting text needed? • Weight of questions • Question scored in risk calculation?

Questionnaire Development


• Large attachments needed to be sent and received

• Digging through archives for supplier responses

• Inability to have multiple internal representatives send assessments

• Mass communication limitations

• Read receipts difficult to obtain for emails

• Tracking change requests for new supplier

email points of contact

• Follow-up emails required- reminders not

customized based on status

• Multiple points of contact for supplier

2014

Sending Assessments from Personal Email


• Inability to understand where different suppliers are in completion process • More difficult to filter suppliers based on region, division, product type, SAP number • Tagging suppliers to specific buyers/agents more difficult • Hard to track number of reminders, date sent, and the wording of the different emails

Excel Spreadsheet Tracking Completed Assessments


Checklist Results: 70% Compliant


• Assume suppliers are EQUAL risk based on their compliance scores from a simple checklist

• Single-focused self-assessments sent out manually from own email

• No geographic risk incorporated • No automation • Unsystematic, single-focused audits 2014

Traditional Risk Assessment Approach

29 Copyright © 2014 BSI. All rights reserved. 2014

Unsystematic, Single-Focused On-Site Audits


Layer 1



2014

Layer 1


• This generic threat information gives an inaccurate assessment for issues related to supply chain • Much of it is not applicable to supply chain threats • This information does not assess threats in context to other threats in other areas • The information is dated and does not provide active monitoring for a changing world

You cannot look at traditional Travel Security or Political Stability risk and apply it to

supply chain threats

Insufficient or incorrect

information

GOOGLE

2014

Analyzing the Geographic Threats to Supply Chains– The Minimum Approach

Government Tracking & Alert Websites


Generic Geographic R isk

Travel Security Guarded Risk

Political Stability

Guarded Risk

Supply Chain Specific Geographic R isk

Human Rights

High Risk

Working Conditions Severe Risk

Child Labor Severe Risk

Environment Elevated Risk

PERU

2014

Supply Chain Geographic Risk Intelligence


Country Number of Suppliers BSI Human Rights Risk Rating

ARGENTINA 5 3 AUSTRALIA 4 1 AUSTRIA FUTURE ??

CHILE 1 1 CHINA 52 5

COLOMBIA 6 3 CZECH REPUBLIC FUTURE ??

DENMARK 8 1 FRANCE 18 1 IRELAND FUTURE ?? MEXICO 12 3 RUSSIA 6 4

SWITZERLAND FUTURE ?? UNITED KINGDOM 10 1 UNITED STATES 45 1

• Procurement comes to Supply Chain divisions to inquire about country risks in emerging markets and new business ventures • If you’re only assessing current source countries, no analysis readily available

• Manual analysis of country risk prevents the ability to view country risks in a context of a regional view

Country Risk Overview


Country Risk Identification – Case study in Indonesia

Last month, Minister of Manpower in Indonesia has set a goal of eliminating child labour by the year 2022. • did not specify any new programs designed to help reduce the prevalence of child labour • stated that the ministry would be working with employers and unions to end the practice.

BSI Analysis: Indonesia suffers from an threat of child labour, with an estimated seven percent of five to 14 year olds performing some form of work in the country. Child labour is most prevalent in the agricultural sector, with the palm oil industry being notably problematic. Poverty among many Indonesian families is one of the primary causes leading children to prematurely enter the workforce. Another government program - the Child Labour Elimination Program - removes child workers from their workplaces while providing remedial education, counselling, and financial assistance to help these children re-enter the education system. Needs more funding to be effective and to contribute to 2022 goal

22/06/2015


Case Study: Threats to Working Conditions in Cambodia

• Working Conditions in Cambodia are rated as High.

• Manufacturing in Cambodia presents its own risks to social responsibility • First half of 2014- over 7,000 work-

related injuries were reported, with over 50 deaths.

• Law states 48 work week, with no excessive overtime. However, workers in industries such as garment are subject to excessive overtime hours with no government enforcement

• Minimum wage in Cambodia is one of the lowest in SE Asia region comparing to other neighboring countries


Case Study: Forced Labour in Vietnam

Unique scenario of forced labour in Vietnam- most of the instances come from government-run drug detention centres. • Individuals in these centres are forced to work for little or no pay as a form of

punishment or rehabilitation. • These centres can be found in most major industrial cities in Vietnam • Whilst the law in Vietnam prohibits the use of forced labour, there is a lack of deterrent-

level punishments for violations. • Sweat shop owners can be fined, very rarely is there ever jail time served for the

discovery of forced labour camps. 22/06/2015

BSI rates Vietnam a Severe risk for Human Rights

Violations

As production has shifted away from commonly known

areas of Human Rights violations (i.e Bangladesh)- the uptick of production in Vietnam has been noticed


Human Rights

Environmental

Working Conditions

Natural Disasters

Counterfeits


+ Supply Chain

Geographic Risk Variables


+ Supply Chain

Geographic Risk Variables

Supplier Name Country Compliance Score- Overall

Geographic Risk –

Human Rights

Risk Factor – Annual Value of

Spend

Overall Risk Score

Taipei Machines Taiwan 70% Elevated Tier 1 3

Manila Parts Philippines 70% Low Tier 2 2

British Electronics England 90% High Tier 2 2

Incorporation of Supply Chain Geographic Risk Intelligence into Assessments


Many due diligence programs require “evidence of implementation” to show exactly how you approach the supplier risk assessment process. • Problems manually compiling all of

the information gathered on a single supplier

• Formatting of manual reports can be time-consuming

• Number of reports that need to be generated can be overwhelming

• May have to compile many reports on a daily basis if assessments are completed regularly

2014

Manual Generation of Supplier Risk Reports


Layer 2



2014

Layer 2


=

Automated Business Partner Risk Assessment Process Dashboarding

Global Mapping

Automatic-Generated Reporting

Corporate Social Responsibility

Geographic Risk Intelligence

Risk Assessment Compliance

Industry-Specific Risks

Variables Specific to Your

Business Relationship

with the Business Partner


Macro and Micro Views of Risk - all levels within organisation

22/06/2015

Assessment Report

Dashboard KPIs


Identify and Map Out High Risk Areas of Global Supplier Base


Automation of Communication and Continuous Monitoring

22/06/2015

• Eliminating manual sending of communication to suppliers

• Eliminating the manual tracking of completion status

• Automatic reoccurrence of assessment intervals


Layer 3



2014

Layer 3


Identifying and Correcting Weaknesses - Corrective And Preventative Action (CAPA) The CAPA process is

designed to identify and correct weaknesses from a

completed assessment report

Biggest fault in risk

assessment methodology is forgetting CAPA step


Analysing and Reviewing Self-Assessment Results

22/06/2015

0% 20% 40% 60% 80% 100%

C4 - Business Governance

C5 - Employment Policies - Child Labour and Forced Labour

C5 - Employment Policies - Wage and Remuneration

C5 - Employment Policies - Working Hours

C6 - Health and Safety

C7 - Data Protection

C8 - Environmental Management

C8 - Environmental Management - Energy Management

C9 - Quality Management

A1 - Business Ethics -…

A2 - Supply Chain Traceability

A3 - Supply Chain Security Management

A4 - Equal Opportunity and Freedom of Association

A5 - Disciplinary Practices and Abuse

A6 - Business Continuity Management

Social/Ethical weaknesses identified Deep Dive audit for Social/Ethical issues


Conflict Minerals

Conflict Minerals

Environmental

Environmental

Risk-Based Methodology Behind On-Site Audit Decisions

See highest-risk business

partners and make informed decisions about

where to perform on-site

audits


Financial spend

Refine Audit Strategy Using Risk-Based Methodology

Country Risk Intelligence

Self-Assessments

Corrective Actions & On-site Audits

250 Suppliers

100 Suppliers

25 Suppliers










SUP

PLI

ER P

ERFO

RM

AN

CE

Entry Level Layer

Layer 1

Layer 2

Layer 3

INCREASED SUPPLY CHAIN VISIBILITY AND COMPLIANCE

Progression Towards Maximum Compliance

creating a holistic social responsibility supply chain risk … webinar 16 june.compressed.pdf ·...

Documents